Introduction
The internet has made the world smaller in many
ways, but it has also opened us up to influences
that have never before been so varied and so
challenging.
With an increasing number of people getting
connected to the Internet, the security threats that
cause massive harm are also increasing. As fast
as security grew, the hacking world grew faster.
The term cyber security refers to the
security offered through online services to
protect your online information.
2.
What is Cyber Security?
Cybersecurity is primarily about people, processes, and technologies
working together to encompass the full range of threat reduction,
vulnerability reduction, deterrence, international engagement, incident
response, resiliency, and recovery policies and activities, including
computer network ops, information assurance, law enforcement, etc.
Cyber security is the protection of internet-connected systems,
including hardware, software and data, from cyber attacks.
In a computing context, security comprises cyber security and physical
security; both are used by enterprises to safeguard against unauthorized
access to data centres and other computerized systems.
It is the body of technologies, processes, and practices designed to
protect networks, devices, programs, and data from attack, theft,
damage, modification or unauthorized access. It may also be referred to
as information technology security.
3.
Why is Cyber Security Important?
Our world today is ruled by technology and we can’t do
without it at all. From booking our flight tickets to catching up
with an old friend, technology plays an important role.
However, the same technology may expose you when it’s
vulnerable and could lead to loss of essential data. Cyber
security, alongside physical commercial security, has thus
slowly and steadily become one of the most important topics
of discussion in the business industry.
Cyber security is necessary since it helps in securing data
from threats such as data theft or misuse, and also safeguards
your system from viruses.
4.
Cyber Security Objectives
The objective of cyber security is to protect
information from being stolen, compromised or
attacked. Cyber security can be measured by at least
one of three goals:
• Protect the confidentiality of data.
• Preserve the integrity of data.
• Promote the availability of data for authorized
users.
These goals form the confidentiality, integrity,
availability (CIA) triad, the basis of all security
programs.
Confidentiality
The property that information is not
made available or disclosed to
unauthorized individuals, entities, or
processes.
7.
Confidentiality
Confidentiality refers to protecting information
from being accessed by unauthorized parties.
In other words, only the people who are
authorized to do so can gain access to
sensitive data.
A failure to maintain confidentiality means that
someone who shouldn't have access has
managed to get it, through intentional
behavior or by accident. Such a failure of
confidentiality, commonly known as a breach
Integrity
Integrity refers to ensuring the authenticity of
information—that information is not altered,
and that the source of the information is
genuine.
Imagine that you have a website and you sell
products on that site. Now imagine that an
attacker can shop on your web site and
maliciously alter the prices of your products,
so that they can buy anything for whatever
price they choose. That would be a failure of
integrity, because your information—in this
case, the price of a product—has been altered
and you didn't authorize this alteration
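The price-tampering scenario above, shown as an added example that is not part of the original slides: a checkout that trusts the price sent back by the browser, next to one that verifies an HMAC tag issued with the quote. The SKUs, prices, key and function names are constructed assumptions.

```python
import hashlib
import hmac
from decimal import Decimal

# Constructed data: the shop's authoritative price list and a demo signing key.
CATALOGUE = {"sku-100": Decimal("19.99"), "sku-200": Decimal("249.00")}
SERVER_KEY = b"constructed-demo-key"  # assumption: real keys come from a secrets store


def _tag(sku: str, price: str) -> str:
    """HMAC over the fields the customer must not be able to change."""
    return hmac.new(SERVER_KEY, f"{sku}|{price}".encode(), hashlib.sha256).hexdigest()


def issue_quote(sku: str) -> dict:
    """What the server sends to the browser when an item is added to the cart."""
    price = str(CATALOGUE[sku])
    return {"sku": sku, "price": price, "tag": _tag(sku, price)}


def vulnerable_total(order: list) -> Decimal:
    """Trusts the price field that comes back from the browser."""
    return sum((Decimal(item["price"]) * item["qty"] for item in order), Decimal("0"))


def hardened_total(order: list) -> Decimal:
    """Rejects any line whose price or quantity fails the integrity checks."""
    total = Decimal("0")
    for item in order:
        qty = item.get("qty")
        if not isinstance(qty, int) or isinstance(qty, bool) or qty < 1:
            raise ValueError("invalid quantity")
        expected = _tag(str(item.get("sku")), str(item.get("price")))
        supplied = str(item.get("tag", ""))
        if not hmac.compare_digest(expected.encode(), supplied.encode()):
            raise ValueError("price or SKU was altered after the quote was issued")
        total += Decimal(item["price"]) * qty
    return total


if __name__ == "__main__":
    quote = issue_quote("sku-200")
    tampered = [{**quote, "price": "1.00", "qty": 1}]
    print("vulnerable:", vulnerable_total(tampered))
    try:
        hardened_total(tampered)
    except ValueError as err:
        print("hardened:", err)
```

A quote signed this way stays valid for as long as the key does, so a real checkout would also bind an expiry time into the tag or re-check the catalogue price.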
Availability
Availability means that information is
accessible by authorized users.
Information and other critical assets are
accessible to customers and the
business when needed. Note,
information is unavailable not only when
it is lost or destroyed, but also when
access to the information is denied or
delayed
12.
Types of Cyber Attacks
• A cyber-attack is an exploitation of computer systems and networks.
It uses malicious code to alter computer code, logic or data and leads
to cybercrimes, such as information and identity theft.
• Cyber attacks can be classified as:
Web Based Attacks
• Injection attacks
• DNS Spoofing
• Session Hijacking
• Email Attacks
• Brute Force
• Denial of Service
• Dictionary Attacks
• URL Interpretation
• File Inclusion Attacks
• Man in the Middle Attacks
System or Malware Based Attacks
• Virus
• Worm
• Trojan horse
• Backdoors
• Bots
13.
Malware : Sources
• Removable media - Removable media, like Pendrive, CDs, DVDs, and flash
drives, may be used to send viruses to your system.
• Documents and executable files - Viruses can be hidden in document files
with the .exe extension. As soon as you open them, the virus activates.
• Internet downloads - Download files only from trusted websites. If you
download from untrusted websites, there may be chances that those files
will contain viruses.
• Network connections - Be sure that your service provider is genuine. If
the network is unsecured, then it can be accessed by anyone.
• Email attachments - Never open email attachments unless the sender can
be trusted. These files may contain viruses to create backdoors.
• Malicious advertisements - Never click on ads that you don’t trust. They
are created so that you can click on them, and hackers will receive
details about you.
14.
Malware : Functions
Overwhelming system resources: Malware, especially worms, can spread
around and overwhelm a system or network. Some malware creates so many
folders that no memory is left, which slows the computer down.
Creating a backdoor: Let’s look at an example: Microsoft sends updates
every Sunday on all Windows platforms. How do these updates reach your
Windows OS? They create backdoors from where they can send updates.
Similarly, hackers create backdoors from where they can continuously send
viruses after getting into a system.
Disabling security functions: Some malware can disable antivirus software,
as well as security updates. This malware tends to last longer because there is
no security to stop it. It tends to keep the system vulnerable to other
malware.
Creating botnets: Hackers make botnets purely by coding. A botmaster
controls botnets, and they are usually used to crash websites. The botmaster tells
all botnets to flood the website by accessing the website at the same time.
15.
Cyber Attackers
In computers and computer networks, an attacker is the individual or
organization who performs malicious activities to destroy,
expose, alter, disable, steal or gain unauthorized access to or make
unauthorized use of an asset. There are four types of cyber
attackers:
• Cyber Criminals - are individuals or groups of people who use technology to
commit cybercrime with the intention of stealing sensitive company
information or personal data and generating profits.
• Hacktivists - are individuals or groups of hackers who carry out
malicious activity to promote a political agenda, religious belief, or
social ideology.
• State Sponsored Attackers - They have particular objectives aligned
with either the political, commercial or military interests of their country
of origin.
• Insider Threats - The insider threat is a threat to an organization's
security or data that comes from within. These types of threats
usually come from employees or former employees, but may also
arise from third parties, including contractors, temporary workers,
employees or customers.
Data Security Consideration
Data security uses various methods to make sure that the data is correct,
original, kept confidential and is safe. It includes:
• Ensuring the integrity of data.
• Ensuring the privacy of the data.
• Preventing the loss or destruction of data.
Data Security Consideration
• Backups - refers to saving additional copies of our data in physical or
cloud locations separate from the data files in storage. It is essential for
us to keep secure, store, and back up our data on a regular basis.
• Archival Storage - is the process of retaining or keeping data at a
secure place for long-term storage. The data might be stored in safe
locations so that it can be used whenever it is required.
• Disposal of Data - Data destruction or disposal of data is the method
of destroying data which is stored on tapes, hard disks and other
electronic media so that it is completely unreadable, unusable and
inaccessible for unauthorized purposes. It also ensures that the
organization retains records of data for as long as they are needed.
18.
Security Technologies
Firewalls - A firewall is a computer network security system
designed to prevent unauthorized access to or from a private
network. It can be implemented as hardware, software, or a
combination of both.
VPNs - VPN stands for virtual private network. It is a
technology which creates a safe and encrypted connection over
the Internet from a device to a network. This type of connection
helps to ensure our sensitive data is transmitted safely.
Intrusion Detection - An IDS is a security system which monitors
computer systems and network traffic. It analyses that traffic
for possible hostile attacks originating from outsiders and also
for system misuse or attacks originating from insiders.
Access Control - Access control is a process of selectively
restricting access to a system. It is a concept in security to
minimize the risk of unauthorized access to the business or
organization.
19.
Cyber Security Standards
To make cybersecurity measures explicit, written norms are
required. These norms are known as cybersecurity standards: the
generic sets of prescriptions for an ideal execution of certain
measures. The standards may involve methods, guidelines,
reference frameworks, etc.
Security standards include:
• International Organization for Standardization (ISO) - These standards
provide a world-class specification for products, services and computers, to
ensure quality, safety and efficiency. They are instrumental in facilitating
international trade.
• The Information Technology Act (ITA-2000) - Aims to provide the legal
infrastructure in India to deal with cybercrime and e-commerce.
• Copyright Act - Copyright is a legal term which describes the ownership of
control of the rights to the authors of "original works of authorship" that are fixed
20.
Cyber Security Tools
Firewalls
Antivirus software
Public Key Infrastructure (PKI) Services
Managed Detection and Response (MDR) Services
Penetration Testing
Staff Training
21.
Cyber Security Challenges
Ransomware Evolution
Blockchain Revolution
Internet of Things (IoT) Threats
AI Expansion
Serverless Apps Vulnerability
Crypto Currency Hijacking
22.
BEST SECURITY PRACTICES FOR USERS AND SYS ADMINISTRATORS
• TURN OFF AND REMOVE UN-NEEDED SERVICES
• ALWAYS KEEP YOUR PATCH LEVELS UP-TO-DATE
• ENFORCE A PASSWORD POLICY. USE COMPLEX PASSWORDS
• CONFIGURE MAIL SERVER TO BLOCK OR REMOVE E-MAILS CONTAINING
ATTACHMENTS COMMONLY USED TO SPREAD VIRUSES
• TRAIN EMPLOYEES NOT TO OPEN ATTACHMENTS UNLESS THEY ARE EXPECTING
THEM
• ISOLATE INFECTED COMPUTERS QUICKLY TO PREVENT FURTHER COMPROMISING
YOUR ORGANISATION
• REGULARLY UPDATE AND USE ANTI-VIRUS SOFTWARE
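One way to implement the mail-server attachment rule from the list above, as an added example that is not part of the original slides: a gateway check that parses a raw message and rejects it when any attachment's final extension is on a block list. The extension list, addresses and function names are assumptions chosen for illustration.

```python
from email import message_from_bytes, policy
from email.message import EmailMessage
from pathlib import PurePosixPath

# Assumption: an example site policy, not a list taken from the slides.
BLOCKED_EXTENSIONS = {".exe", ".scr", ".com", ".pif", ".bat", ".cmd",
                      ".vbs", ".js", ".jar", ".hta", ".lnk"}


def blocked_attachments(raw: bytes) -> list:
    """Return the filenames in a raw message that the policy would block."""
    msg = message_from_bytes(raw, policy=policy.default)
    hits = []
    for part in msg.walk():
        name = part.get_filename()
        if not name:
            continue
        # Windows ignores trailing dots and spaces, so "a.exe. " still runs.
        normalised = name.strip().rstrip(". ").lower()
        # Only the last extension decides how the file is opened, which is
        # what catches double extensions such as "invoice.pdf.exe".
        if PurePosixPath(normalised).suffix in BLOCKED_EXTENSIONS:
            hits.append(name)
    return hits


def gateway_verdict(raw: bytes) -> str:
    """'reject' if any attachment is blocked, otherwise 'accept'."""
    return "reject" if blocked_attachments(raw) else "accept"


def constructed_message(filenames: list) -> bytes:
    """Build a sample message (constructed test data) with dummy attachments."""
    msg = EmailMessage()
    msg["From"] = "sender@example.com"
    msg["To"] = "user@example.org"
    msg["Subject"] = "Constructed sample"
    msg.set_content("See attached.")
    for filename in filenames:
        msg.add_attachment(b"dummy bytes", maintype="application",
                           subtype="octet-stream", filename=filename)
    return msg.as_bytes()


if __name__ == "__main__":
    sample = constructed_message(["notes.txt", "invoice.pdf.exe", "Setup.EXE."])
    print(gateway_verdict(sample), blocked_attachments(sample))
```

A filename check only covers what the sender declares, so it complements anti-virus scanning of the attachment content and does not replace it.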
23.
FIVE WORST SECURITY MISTAKES END-USERS MAKE
• OPENING UNSOLICITED E-MAIL ATTACHMENTS WITHOUT VERIFYING
THEIR SOURCE
• FAILING TO INSTALL SECURITY PATCHES – ESPECIALLY FOR OS,
MICROSOFT OFFICE AND INTERNET EXPLORER
• INSTALLING SCREEN SAVERS OR GAMES FROM UNKNOWN SOURCES
• NOT MAKING AND TESTING BACKUPS
• USING MODEM WHILE CONNECTED THROUGH LAN
24.
FIVE WORST SECURITY MISTAKES IT PEOPLE MAKE
• FAILING TO MAINTAIN AND TEST BACKUPS
• RUNNING UNNECESSARY SERVICES LIKE FTP, TELNET AND MAIL
• IMPLEMENTING FIREWALLS WITH RULES THAT DON’T STOP
MALICIOUS OR DANGEROUS TRAFFIC, INCOMING OR OUTGOING
• FAILING TO UPDATE ANTI-VIRUS SOFTWARE
• FAILING TO EDUCATE USERS ON WHAT TO LOOK FOR AND WHAT TO
DO WHEN THEY SEE A POTENTIAL SECURITY PROBLEM
25.
Conclusion
In an organization, to accomplish an effective
cyber security approach, the people,
processes, computers, networks and
technology of an organization, whether big or
small, should be equally responsible. If all
components complement each other, then it
is very much possible to stand against
tough cyber threats and attacks.